Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/6ed434-cd51-4152-aa43-056bae27288e/1/DoH-fZfqEO3V3JJ3FDS5PozhU-Q.roa
File: DoH-fZfqEO3V3JJ3FDS5PozhU-Q.roa (raw, json)
Hash identifier: YXsSJ9k7IMrjFtcrxyjMu6FNtGLxUXlu/dJazvnsomc=
Subject key identifier: 0E:81:FE:7D:97:EA:10:ED:D5:DC:92:77:14:34:B9:3E:8C:E1:53:E4
Certificate issuer: /CN=507e582adc9369da8ae85dd935740123081c7eed
Certificate serial: 018B4EC8FA00CAF9019EBDCFFA568D213853
Authority key identifier: 50:7E:58:2A:DC:93:69:DA:8A:E8:5D:D9:35:74:01:23:08:1C:7E:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UH5YKtyTadqK6F3ZNXQBIwgcfu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/6ed434-cd51-4152-aa43-056bae27288e/1/DoH-fZfqEO3V3JJ3FDS5PozhU-Q.roa
Signing time: Fri 20 Oct 2023 20:31:15 +0000
ROA not before: Fri 20 Oct 2023 20:31:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6730
IP address blocks: 45.143.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4e:c8:fa:00:ca:f9:01:9e:bd:cf:fa:56:8d:21:38:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=507e582adc9369da8ae85dd935740123081c7eed
Validity
Not Before: Oct 20 20:31:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0e81fe7d97ea10edd5dc92771434b93e8ce153e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:3d:51:87:b1:91:9c:bf:b2:57:46:19:35:ed:
1a:0f:b5:24:53:ad:24:20:79:88:be:6e:21:16:40:
bd:49:40:ba:54:6f:dc:a2:0a:3f:51:ec:a8:ac:18:
f1:0b:26:d1:c2:a9:a9:16:03:7a:63:60:91:25:e6:
bf:63:e9:0f:76:4c:18:8b:02:e3:5a:d4:d9:c3:47:
a2:1c:5d:f0:c5:f7:ec:ad:af:40:aa:2c:f3:54:57:
79:36:2c:2e:3a:09:6d:7a:f6:30:b0:59:64:78:79:
ac:15:e9:2e:1b:25:58:a5:20:b5:54:8f:78:b3:48:
6a:25:b1:11:54:2f:de:c8:3d:92:99:93:ae:28:6b:
4d:9e:f8:7c:20:3f:72:cd:18:70:27:5b:e9:96:bb:
cc:e9:90:d8:f7:2a:aa:f3:74:b8:0d:64:6d:6d:7d:
d0:dd:46:17:92:ed:2e:c3:02:03:f6:e4:ba:42:f7:
72:40:fd:a7:d8:ba:e7:e9:70:76:d6:ed:28:a6:a7:
33:39:43:74:da:38:46:0a:a5:2f:ae:a4:ed:7b:68:
ef:e0:42:4b:ef:49:68:c0:1f:e1:95:d6:77:fc:72:
45:0b:df:21:ea:b9:f2:05:1e:db:57:1b:07:bd:27:
2f:f7:b1:95:65:86:03:4e:20:31:4c:9b:ee:b5:25:
09:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:81:FE:7D:97:EA:10:ED:D5:DC:92:77:14:34:B9:3E:8C:E1:53:E4
X509v3 Authority Key Identifier:
keyid:50:7E:58:2A:DC:93:69:DA:8A:E8:5D:D9:35:74:01:23:08:1C:7E:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UH5YKtyTadqK6F3ZNXQBIwgcfu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6ed434-cd51-4152-aa43-056bae27288e/1/DoH-fZfqEO3V3JJ3FDS5PozhU-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/6ed434-cd51-4152-aa43-056bae27288e/1/UH5YKtyTadqK6F3ZNXQBIwgcfu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.143.156.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:fc:58:a6:2f:a3:d1:c6:e3:1f:7d:de:1c:ba:fb:59:e2:ce:
c0:e4:4e:a1:48:a4:44:4e:5a:a7:91:27:c7:cc:42:14:2f:1a:
fb:57:ac:53:60:c5:b5:c7:21:17:41:4b:86:17:f3:08:93:3b:
0d:c9:de:70:fe:79:f9:3f:3f:4a:89:95:19:e9:1f:c2:5d:8b:
b4:05:e4:2d:cb:74:50:70:ff:bc:fb:bf:5c:4a:02:83:f4:31:
a3:87:1e:e8:56:1c:6c:d6:83:e3:80:58:62:d6:16:1d:64:ec:
6b:04:12:92:0e:a1:24:1e:31:1d:81:a3:5b:22:7f:2f:ee:2d:
40:31:4d:15:4d:f1:80:dc:31:dd:85:d5:e2:b2:04:1c:5b:d4:
56:04:16:bb:9b:5a:6b:c3:b8:d9:33:a4:52:62:76:90:20:24:
f9:b4:95:d3:4c:c8:ac:ea:fc:8d:d6:0d:d2:c3:13:db:ee:09:
cd:e4:93:b8:b6:2d:29:5d:4b:b2:92:d6:ff:a6:64:7b:54:d9:
be:38:57:95:c5:ce:27:97:3e:8c:d7:53:43:ac:8d:1f:20:da:
cf:cb:84:75:e2:05:df:7c:d2:b8:d7:5d:5f:02:dc:d6:49:82:
01:9d:d4:59:f5:57:bc:c1:fa:91:b4:cd:de:23:23:2b:54:d9:
8f:f7:48:5f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtOyPoAyvkBnr3P+laNIThTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwN2U1ODJhZGM5MzY5ZGE4YWU4NWRkOTM1NzQwMTIzMDgx
YzdlZWQwHhcNMjMxMDIwMjAzMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTgxZmU3ZDk3ZWExMGVkZDVkYzkyNzcxNDM0YjkzZThjZTE1M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT1Rh7GRnL+yV0YZNe0aD7UkU60k
IHmIvm4hFkC9SUC6VG/cogo/UeyorBjxCybRwqmpFgN6Y2CRJea/Y+kPdkwYiwLj
WtTZw0eiHF3wxffsra9AqizzVFd5NiwuOgltevYwsFlkeHmsFekuGyVYpSC1VI94
s0hqJbERVC/eyD2SmZOuKGtNnvh8ID9yzRhwJ1vplrvM6ZDY9yqq83S4DWRtbX3Q
3UYXku0uwwID9uS6QvdyQP2n2Lrn6XB21u0opqczOUN02jhGCqUvrqTte2jv4EJL
70lowB/hldZ3/HJFC98h6rnyBR7bVxsHvScv97GVZYYDTiAxTJvutSUJmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6B/n2X6hDt1dySdxQ0uT6M4VPkMB8GA1UdIwQY
MBaAFFB+WCrck2naiuhd2TV0ASMIHH7tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUg1WUt0eVRhZHFLNkYzWk5YUUJJd2djZnUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS82ZWQ0MzQtY2Q1MS00MTUyLWFhNDMt
MDU2YmFlMjcyODhlLzEvRG9ILWZaZnFFTzNWM0pKM0ZEUzVQb3poVS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS82ZWQ0MzQtY2Q1MS00MTUyLWFhNDMtMDU2YmFlMjcyODhl
LzEvVUg1WUt0eVRhZHFLNkYzWk5YUUJJd2djZnUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALY+cMA0G
CSqGSIb3DQEBCwUAA4IBAQDP/FimL6PRxuMffd4cuvtZ4s7A5E6hSKRETlqnkSfH
zEIULxr7V6xTYMW1xyEXQUuGF/MIkzsNyd5w/nn5Pz9KiZUZ6R/CXYu0BeQty3RQ
cP+8+79cSgKD9DGjhx7oVhxs1oPjgFhi1hYdZOxrBBKSDqEkHjEdgaNbIn8v7i1A
MU0VTfGA3DHdhdXisgQcW9RWBBa7m1prw7jZM6RSYnaQICT5tJXTTMis6vyN1g3S
wxPb7gnN5JO4ti0pXUuyktb/pmR7VNm+OFeVxc4nlz6M11NDrI0fINrPy4R14gXf
fNK4111fAtzWSYIBndRZ9Ve8wfqRtM3eIyMrVNmP90hf
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:47:41 2025 by rpki-client